COMPLETE LISTING OF CLAIMS IN THE CASE 
Please amend Claims 22-25 as follows: 



1 . (Original) A method of providing flexible protection in a computer 
system by decoupling protection from privilege, the method comprising: 

enabling receipt of information describing two or more types of protection; 

enabling receipt of information describing a relationship between said two 
or more types of protection and portions of code that are executed in a same 
privilege level of the computer system, wherein said relationship is not required 
to be linear; and 

enabling the association of said information describing said two or more 
types of protection and said information describing said relationship with said 
portions of code. 

2. (Original) The method of Claim 1 , wherein said relationship is user 
definable. 

3. (Original) The method of Claim 1 , wherein said portions of code 
are domains and each of said types of protection is defined at least in part by 
one or more domain attributes. 

4. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes a domain identifier that specifies to a unique value for a 
particular domain. 

5. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes a Private Key that specifies a unique value for 
protecting each user that concurrently uses a particular domain. 

6. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes a SharedCode Key that specifies a value that a 
particular domain must use to access code associated with another domain. 

7. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes a SharedData Key that specifies a value that a 
particular domain must use to access data associated with another domain. 
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8. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes an AllowOthers that specifies a value that a particular 
domain must use to access code associated with another domain in conjunction 
with said particular domain performing cross-domain switching to said other 
domain. 

9. (Original) The method of Claim 3, wherein said one or more 
domain attributes includes an AccessOthers Key that specifies a value that is 
used to request access of code associated with a particular domain on behalf of 
another domain. 

1 0. (Original) A method of providing flexible protection in a computer 
system by decoupling protection from privilege, the method comprising: 

detecting a request from a first portion of code to access a second portion 
of code, wherein said first and second portions of code are executed in a same 
privilege level of said computer system; 

determining whether said first portion of code is allowed to access said 
second portion of code based on information describing two or more types of 
protection and also based on information describing a relationship between said 
two or more types of protection and said portions of code, wherein said 
relationship is not required to be linear; and 

if said relationship specifies that said first portion of code may access said 
second portion of code, then 

allowing said first portion of code to access said second 
portion of code; 

else 

not allowing said first portion of code to access said second 
portion of code. 

1 1 . (Original) The method of Claim 1 0, wherein said information 
describing said two or more types of protection and said information describing 
said relationships are associated with said portions of code and wherein the 
method further comprises retrieving said information describing said two or more 
types of protection and said information describing said relationships . 

1 2. (Original) A computer system comprising: 
a memory unit; and 
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a processor coupled to the memory unit, the processor for executing a 
method for enforcing protection in a computer system by decoupling protection 
from privilege, the method comprising: 

enabling at a user interface receipt of information describing two or more 
types of protection; 

enabling at the user interface receipt of information describing a 
relationship between said two or more types of protection and portions of code 
are executed in a same privilege level of the computer system, wherein said 
relationship is not required to be linear; and 

enabling at a link-editor the association of said information describing said 
two or more types of protection and said information describing said relationship 
with said portions of code. 

1 3. (Original) The computer system of Claim 1 2, wherein said 
relationship is user definable. 

14. (Original) The computer system of Claim 12, wherein said portions 
of code are domains and each of said types of protection is defined at least in 
part by one or more domain attributes. 

1 5. (Original) A computer system comprising: 
a memory unit; and 

a processor coupled to the memory unit, the processor for executing a 
method for providing flexible protection in a computer system by decoupling 
protection from privilege, the method comprising: 

detecting at a memory manager a request from a first portion of code to 
access a second portion of code, wherein said first and second portions of code 
are executed in a same privilege level of said computer system; 

determining at said memory manager whether said first portion of code is 
allowed to access said second portion of code based on information describing 
two or more types of protection and also based on information describing a 
relationship between said two or more types of protection and said portions of 
code, wherein said relationship is not required to be linear; and 

if said relationship specifies that said first portion of code may access said 
second portion of code, then 

allowing at said memory manager said first portion of code 
to access said second portion of code; 

else 
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not allowing at said memory manager said first portion of 
code to access said second portion of code. 

1 6. (Original) The computer system of Claim 1 5, wherein said 
information describing said two or more types of protection and said information 
describing said relationships are associated with said portions of code and 
wherein the method further comprises retrieving at a loader said information 
describing said two or more types of protection and said information describing 
said relationships . 

1 7. (Original) A computer-usable medium having computer-readable 
program code embodied therein for causing a computer system to perform a 
method of providing flexible protection in a computer system by decoupling 
protection from privilege, the method comprising: 

enabling receipt of information describing two or more types of protection; 

enabling receipt of information describing a relationship between said two 
or more types of protection and portions of code that are executed in a same 
privilege level of the computer system, wherein said relationship is not required 
to be linear; and 

enabling the association of said information describing said two or more 
n types of protection and said information describing said relationship with said 
portions of code. 

1 8. (Original) The computer-usable medium of Claim 1 7, wherein said 
relationship is user definable. 

1 9. (Original) The computer-usable medium of Claim 1 7, wherein said 
portions of code are domains and each of said types of protection is defined at 
least in part by one or more domain attributes. 

20. (Original) The computer-usable medium of Claim 19, wherein said 
one or more domain attributes includes a domain identifier that specifies to a 
unique value for a particular domain. 

21 . (Original) The computer-usable medium of Claim 1 9, wherein said 
one or more domain attributes includes a Private Key that specifies a unique 
value for protecting each user that concurrently uses a particular domain. 
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22[[28]]. (Currently Amended) The computer-usable medium of 
Claim 19, wherein said one or more domain attributes includes a SharedCode 
Key that specifies a value that a particular domain must use to access code 
associated with another domain. 

23[[29]]. (Currently Amended) The computer-usable medium of 
Claim 19, wherein said one or more domain attributes includes a SharedData 
Key that specifies a value that a particular domain must use to access data 
associated with another domain. 

24[[22]]. (Currently Amended) The computer-usable medium of 
Claim 19, wherein said one or more domain attributes includes an AllowOthers 
that specifies a value that a particular domain must use to access code associated 
with another domain in conjunction with said particular domain performing cross- 
domain switching to said other domain. 

25[[23]]. (Currently Amended) The computer-usable medium of 
Claim 19, wherein said one or more domain attributes includes an AccessOthers 
Key that specifies a value that is used to request access of code associated with 
a particular domain on behalf of another domain. 
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